Yep. Zero-days can be discovered by folks with malicious or non-malicious intentions.

thanks for the comment
tim

By: Jim
Wed, 07 Nov 2012 20:03:26 +0000
http://blogs.cisco.com/security/what-is-a-zero-day-vulnerability#comment-693550

If I understand it, there just has to be a working exploit. In the latest Microsoft IE exploit that happened in September, I do not believe the discoverer was malicious. From what I understand, the exploit was found by a researcher who went to Metasploit to develop a “working exploit”. Metasploit developed the exploit and reported the vulnerability as a 0day exploit/vulnerability.

By: Tim Sammut
Wed, 07 Nov 2012 17:29:38 +0000
http://blogs.cisco.com/security/what-is-a-zero-day-vulnerability#comment-693503

Thanks, Richard.

I believe the developer’s intentions and knowledge of the issue are not relevant; and rather that the security exposure present to users is the driving factor in determining what is a vulnerability.

The three traits of a zero-day seem to hold true here since the majority of backdoors could be rightly labeled vulnerabilities.

Let’s look at the “intentions” of both “holes”. Although I’m not an expert on zero-day attacks, I think a zero-day attack exploits the fact that developers do not know about the vulnerabilities. So yes, an attacker can exploit it, and probably for a long time before developers even figure out how to block it.

Now, a “backdoor” was “designed” by developers to allow them to bypass some authentication process when there’s a need for it. Developers must know how to quickly block/fix the backdoor if there’s a need for it. Have you seen the movie Knight Rider 2008?

So, my point is that backdoors are deliberate, with a possible immediate remedy, but a zero-day vulnerability is not deliberate, is possibly unknown to the developer, and the fix is actually unknown.

Backdoors become vulnerabilities when known externally. Zero-day holes are 100% vulnerabilities because they are not known even internally but externally. But there’s a thin line between them.

Well, again Tim, I’m not an expert, my researcher mind is just active. lol

I think that if these backdoors are themselves vulnerabilities because they would allow an attacker to do something beyond what should be allowed, then yes, they are zero-day vulnerabilities if they meet the tests above.

Now, when developers build new tools, I understand they sometimes build “backdoor” into the algorithms. Would you say when this backdoor becomes known and utilized publicly, it becomes a zero day attack?

Note that the developers deliberately built the backdoor into the software.